diff options
| -rw-r--r-- | multimedia/vlc08/DESCR | 7 | ||||
| -rw-r--r-- | multimedia/vlc08/Makefile | 5 | ||||
| -rw-r--r-- | multimedia/vlc08/PLIST | 3 | ||||
| -rw-r--r-- | multimedia/vlc08/distinfo | 15 | ||||
| -rw-r--r-- | multimedia/vlc08/patches/patch-ab | 13 | ||||
| -rw-r--r-- | multimedia/vlc08/patches/patch-ac | 15 | ||||
| -rw-r--r-- | multimedia/vlc08/patches/patch-ad | 24 | ||||
| -rw-r--r-- | multimedia/vlc08/patches/patch-ae | 43 | ||||
| -rw-r--r-- | multimedia/vlc08/patches/patch-mmstu.c | 83 | ||||
| -rw-r--r-- | multimedia/vlc08/patches/patch-mmstu.h | 31 | ||||
| -rw-r--r-- | multimedia/vlc08/patches/patch-tta.c | 145 |
11 files changed, 278 insertions, 106 deletions
diff --git a/multimedia/vlc08/DESCR b/multimedia/vlc08/DESCR index 6ea7f1224c6..1da7ff93df0 100644 --- a/multimedia/vlc08/DESCR +++ b/multimedia/vlc08/DESCR @@ -8,3 +8,10 @@ and display it. It can also be used to display video read locally on the computer : DVDs, VCDs, MPEG and DivX files and from a satellite card. It is multi-plaform : Linux, Windows, Mac OS X, BeOS, BSD, Solaris, QNX, iPaq... The VideoLAN Client and Server now have a full IPv6 support. + +*** Please note: ffmpeg must NOT be built with the swscale option *** +For more information see: http://trac.videolan.org/vlc/ticket/1594 + +To disable swscale, please add the following to your /etc/mk.conf before +building ffmpeg: +PKG_OPTIONS.ffmpeg=-swscale diff --git a/multimedia/vlc08/Makefile b/multimedia/vlc08/Makefile index 4855b65ecd9..2101a7b8174 100644 --- a/multimedia/vlc08/Makefile +++ b/multimedia/vlc08/Makefile @@ -1,9 +1,9 @@ -# $NetBSD: Makefile,v 1.11 2008/09/08 18:42:21 ahoka Exp $ +# $NetBSD: Makefile,v 1.12 2008/09/12 14:47:39 sborrill Exp $ # DISTNAME= vlc-${VLC_VER} PKGNAME= vlc08-${VLC_VER} -VLC_VER= 0.8.6f +VLC_VER= 0.8.6i CATEGORIES= multimedia MASTER_SITES= http://download.videolan.org/pub/videolan/vlc/${VLC_VER}/ EXTRACT_SUFX= .tar.bz2 @@ -118,6 +118,7 @@ CONFIGURE_ARGS+= x_libraries=${PREFIX}/lib .include "../../multimedia/libmatroska/buildlink3.mk" .include "../../multimedia/libmpeg2/buildlink3.mk" .include "../../multimedia/libogg/buildlink3.mk" +.include "../../multimedia/x264-devel/buildlink3.mk" .include "../../textproc/libxml2/buildlink3.mk" .include "../../x11/libXv/buildlink3.mk" .include "../../x11/libXxf86vm/buildlink3.mk" diff --git a/multimedia/vlc08/PLIST b/multimedia/vlc08/PLIST index 766b455bc0b..d87ffb7ffef 100644 --- a/multimedia/vlc08/PLIST +++ b/multimedia/vlc08/PLIST @@ -1,4 +1,4 @@ -@comment $NetBSD: PLIST,v 1.8 2008/09/08 18:42:21 ahoka Exp $ +@comment $NetBSD: PLIST,v 1.9 2008/09/12 14:47:39 sborrill Exp $ ${PLIST.skins}bin/svlc bin/vlc bin/vlc-config @@ -263,6 +263,7 @@ share/locale/ru/LC_MESSAGES/vlc.mo share/locale/sk/LC_MESSAGES/vlc.mo share/locale/sl/LC_MESSAGES/vlc.mo share/locale/sq/LC_MESSAGES/vlc.mo +share/locale/sr/LC_MESSAGES/vlc.mo share/locale/sv/LC_MESSAGES/vlc.mo share/locale/th/LC_MESSAGES/vlc.mo share/locale/tr/LC_MESSAGES/vlc.mo diff --git a/multimedia/vlc08/distinfo b/multimedia/vlc08/distinfo index f708cf9a9ff..be1e52a7c5c 100644 --- a/multimedia/vlc08/distinfo +++ b/multimedia/vlc08/distinfo @@ -1,10 +1,9 @@ -$NetBSD: distinfo,v 1.5 2008/09/08 18:42:21 ahoka Exp $ +$NetBSD: distinfo,v 1.6 2008/09/12 14:47:39 sborrill Exp $ -SHA1 (vlc-0.8.6f.tar.bz2) = 9684bb7504636d3e3143734698c2bbac250f4a03 -RMD160 (vlc-0.8.6f.tar.bz2) = c52d0cb7e8ba36f9d0959b9d6e1e8b1b36b71b04 -Size (vlc-0.8.6f.tar.bz2) = 11433698 bytes +SHA1 (vlc-0.8.6i.tar.bz2) = 4c6f45dffe3a8309ce201897040dc1f82b9cde99 +RMD160 (vlc-0.8.6i.tar.bz2) = a5da4e1e0980594c678c04016491c8a373df4017 +Size (vlc-0.8.6i.tar.bz2) = 11786172 bytes SHA1 (patch-aa) = 497a83bb0f1e2c095a81aa84115e66b56dd47e2c -SHA1 (patch-ab) = c311b82c00f1eea164189a9759c9ca576faec671 -SHA1 (patch-ac) = 69f90b13aa4c398a00c12279c8bd8af922e9e8aa -SHA1 (patch-ad) = 29660533b468e6871fa8104e081f9321cfb30aa5 -SHA1 (patch-ae) = 21b6292e77469375edbfb7b828e298427e1ed118 +SHA1 (patch-mmstu.c) = ef4bed6fb5871790bb9198dad4961384f3e38d16 +SHA1 (patch-mmstu.h) = a11be24360948bcd8ca32bd7d01020e34c0801ad +SHA1 (patch-tta.c) = 923852b9aedeb75eed052e532ce5ddf50ab19951 diff --git a/multimedia/vlc08/patches/patch-ab b/multimedia/vlc08/patches/patch-ab deleted file mode 100644 index 4487708f6f0..00000000000 --- a/multimedia/vlc08/patches/patch-ab +++ /dev/null @@ -1,13 +0,0 @@ -$NetBSD: patch-ab,v 1.5 2008/09/08 18:42:21 ahoka Exp $ - ---- modules/gui/wxwidgets/dialogs.cpp.orig 2007-11-26 14:08:05.000000000 +0100 -+++ modules/gui/wxwidgets/dialogs.cpp -@@ -376,7 +376,7 @@ void DialogsProvider::OnOpenFileGeneric( - { - p_file_generic_dialog->SetMessage( wxU(p_arg->psz_title) ); - p_file_generic_dialog->SetWildcard( wxU(p_arg->psz_extensions) ); -- p_file_generic_dialog->SetStyle( (p_arg->b_save ? wxSAVE : wxOPEN) | -+ p_file_generic_dialog->SetWindowStyle( (p_arg->b_save ? wxSAVE : wxOPEN) | - (p_arg->b_multiple ? wxMULTIPLE:0) ); - } - diff --git a/multimedia/vlc08/patches/patch-ac b/multimedia/vlc08/patches/patch-ac deleted file mode 100644 index ce327ad9531..00000000000 --- a/multimedia/vlc08/patches/patch-ac +++ /dev/null @@ -1,15 +0,0 @@ -$NetBSD: patch-ac,v 1.1 2008/09/08 18:42:21 ahoka Exp $ - -Fix wrong boundary check in Speex decoder (CVE-2008-1686). - ---- modules/codec/speex.c.orig 2008-03-23 22:41:48.000000000 +0000 -+++ modules/codec/speex.c -@@ -332,7 +332,7 @@ static int ProcessInitialHeader( decoder - msg_Err( p_dec, "cannot read Speex header" ); - return VLC_EGENERIC; - } -- if( p_header->mode >= SPEEX_NB_MODES ) -+ if( p_header->mode >= SPEEX_NB_MODES || p_header->mode < 0 ) - { - msg_Err( p_dec, "mode number %d does not (yet/any longer) exist in " - "this version of libspeex.", p_header->mode ); diff --git a/multimedia/vlc08/patches/patch-ad b/multimedia/vlc08/patches/patch-ad deleted file mode 100644 index e9f7a3263b7..00000000000 --- a/multimedia/vlc08/patches/patch-ad +++ /dev/null @@ -1,24 +0,0 @@ -$NetBSD: patch-ad,v 1.1 2008/09/08 18:42:21 ahoka Exp $ - -Fix compilability of CDDA code with modern libcdio versions. - ---- modules/access/cdda/cdda.h.orig 2008-03-23 22:41:48.000000000 +0000 -+++ modules/access/cdda/cdda.h -@@ -75,7 +75,7 @@ typedef enum { - paranoia_none = 0, /* Note: We make use of 0 as being the same as false */ - paranoia_overlap = 1, - paranoia_full = 2 --} paranoia_mode_t; -+} vlc_paranoia_mode_t; - - - /***************************************************************************** -@@ -107,7 +107,7 @@ typedef struct cdda_data_s - - #if LIBCDIO_VERSION_NUM >= 72 - /* Paranoia support */ -- paranoia_mode_t e_paranoia; /* Use cd paranoia for reads? */ -+ vlc_paranoia_mode_t e_paranoia; /* Use cd paranoia for reads? */ - cdrom_drive_t *paranoia_cd; /* Place to store drive - handle given by paranoia. */ - cdrom_paranoia_t *paranoia; diff --git a/multimedia/vlc08/patches/patch-ae b/multimedia/vlc08/patches/patch-ae deleted file mode 100644 index 81ffd8c0119..00000000000 --- a/multimedia/vlc08/patches/patch-ae +++ /dev/null @@ -1,43 +0,0 @@ -$NetBSD: patch-ae,v 1.1 2008/09/08 18:42:21 ahoka Exp $ - ---- modules/demux/wav.c.orig 2008-03-23 23:41:49.000000000 +0100 -+++ modules/demux/wav.c -@@ -103,7 +103,8 @@ static int Open( vlc_object_t * p_this ) - demux_sys_t *p_sys; - - uint8_t *p_peek; -- unsigned int i_size, i_extended; -+ uint32_t i_size; -+ unsigned int i_extended; - char *psz_name; - - WAVEFORMATEXTENSIBLE *p_wf_ext = NULL; -@@ -136,7 +137,8 @@ static int Open( vlc_object_t * p_this ) - msg_Err( p_demux, "cannot find 'fmt ' chunk" ); - goto error; - } -- if( i_size < sizeof( WAVEFORMATEX ) - 2 ) /* XXX -2 isn't a typo */ -+ i_size += 2; -+ if( i_size < sizeof( WAVEFORMATEX ) ) - { - msg_Err( p_demux, "invalid 'fmt ' chunk" ); - goto error; -@@ -144,14 +146,15 @@ static int Open( vlc_object_t * p_this ) - stream_Read( p_demux->s, NULL, 8 ); /* Cannot fail */ - - /* load waveformatex */ -- p_wf_ext = malloc( __EVEN( i_size ) + 2 ); -+ p_wf_ext = malloc( i_size ); - if( p_wf_ext == NULL ) - goto error; - - p_wf = (WAVEFORMATEX *)p_wf_ext; - p_wf->cbSize = 0; -- if( stream_Read( p_demux->s, -- p_wf, __EVEN( i_size ) ) < (int)__EVEN( i_size ) ) -+ i_size -= 2; -+ if( stream_Read( p_demux->s, p_wf, i_size ) != (int)i_size -+ || ( ( i_size & 1 ) && stream_Read( p_demux->s, NULL, 1 ) != 1 ) ) - { - msg_Err( p_demux, "cannot load 'fmt ' chunk" ); - goto error; diff --git a/multimedia/vlc08/patches/patch-mmstu.c b/multimedia/vlc08/patches/patch-mmstu.c new file mode 100644 index 00000000000..2a9f0cd88e4 --- /dev/null +++ b/multimedia/vlc08/patches/patch-mmstu.c @@ -0,0 +1,83 @@ +$NetBSD: patch-mmstu.c,v 1.1 2008/09/12 14:47:39 sborrill Exp $ + +Fix for: +* A signedness error leading to a stack-based buffer overflow in the +mms_ReceiveCommand() function in modules/access/mms/mmstu.c +(CVE-2008-3794). + +--- modules/access/mms/mmstu.c.orig 2008-07-08 21:59:23.000000000 +0100 ++++ modules/access/mms/mmstu.c 2008-09-12 11:16:01.000000000 +0100 +@@ -28,6 +28,7 @@ + #include <stdlib.h> + #include <vlc/vlc.h> + #include <string.h> ++#include <inttypes.h> + #include <vlc/input.h> + #include <errno.h> + +@@ -695,7 +696,7 @@ + GetDWLE( p_sys->p_cmd + MMS_CMD_HEADERSIZE + 60 ); + + msg_Dbg( p_access, +- "answer 0x06 flags:0x%8.8x media_length:%us packet_length:%lu packet_count:%u max_bit_rate:%d header_size:%d", ++ "answer 0x06 flags:0x%8.8"PRIx32" media_length:%"PRIu32"s packet_length:%zu packet_count:%"PRIu32" max_bit_rate:%d header_size:%zu", + p_sys->i_flags_broadcast, + p_sys->i_media_length, + p_sys->i_packet_length, +@@ -749,12 +750,12 @@ + if( p_sys->i_header >= p_sys->i_header_size ) + { + msg_Dbg( p_access, +- "header complete(%d)", ++ "header complete(%zu)", + p_sys->i_header ); + break; + } + msg_Dbg( p_access, +- "header incomplete (%d/%d), reading more", ++ "header incomplete (%zu/%zu), reading more", + p_sys->i_header, + p_sys->i_header_size ); + } +@@ -1128,7 +1129,7 @@ + + static int mms_ParseCommand( access_t *p_access, + uint8_t *p_data, +- int i_data, ++ size_t i_data, + int *pi_used ) + { + #define GET32( i_pos ) \ +@@ -1137,7 +1138,7 @@ + ( p_sys->p_cmd[i_pos + 3] << 24 ) ) + + access_sys_t *p_sys = p_access->p_sys; +- int i_length; ++ uint32_t i_length; + uint32_t i_id; + + if( p_sys->p_cmd ) +@@ -1159,10 +1160,10 @@ + i_id = GetDWLE( p_data + 4 ); + i_length = GetDWLE( p_data + 8 ) + 16; + +- if( i_id != 0xb00bface ) ++ if( i_id != 0xb00bface || i_length < 16 ) + { + msg_Err( p_access, +- "incorrect command header (0x%x)", i_id ); ++ "incorrect command header (0x%"PRIx32")", i_id ); + p_sys->i_command = 0; + return -1; + } +@@ -1170,8 +1171,8 @@ + if( i_length > p_sys->i_cmd ) + { + msg_Warn( p_access, +- "truncated command (missing %d bytes)", +- i_length - i_data ); ++ "truncated command (missing %zu bytes)", ++ (size_t)i_length - i_data ); + p_sys->i_command = 0; + return -1; + } diff --git a/multimedia/vlc08/patches/patch-mmstu.h b/multimedia/vlc08/patches/patch-mmstu.h new file mode 100644 index 00000000000..aa4d8ae9ed5 --- /dev/null +++ b/multimedia/vlc08/patches/patch-mmstu.h @@ -0,0 +1,31 @@ +$NetBSD: patch-mmstu.h,v 1.1 2008/09/12 14:47:39 sborrill Exp $ + +Fix for: +* A signedness error leading to a stack-based buffer overflow in the +mms_ReceiveCommand() function in modules/access/mms/mmstu.c +(CVE-2008-3794). + +--- modules/access/mms/mmstu.h.orig 2008-07-08 21:59:23.000000000 +0100 ++++ modules/access/mms/mmstu.h 2008-09-12 11:16:06.000000000 +0100 +@@ -62,10 +62,10 @@ + int i_packet_seq_num; + + uint8_t *p_cmd; /* latest command read */ +- int i_cmd; /* allocated at the begining */ ++ size_t i_cmd; /* allocated at the begining */ + + uint8_t *p_header; /* allocated by mms_ReadPacket */ +- int i_header; ++ size_t i_header; + + uint8_t *p_media; /* allocated by mms_ReadPacket */ + size_t i_media; +@@ -86,7 +86,7 @@ + size_t i_packet_length; + uint32_t i_packet_count; + int i_max_bit_rate; +- int i_header_size; ++ size_t i_header_size; + + /* */ + vlc_bool_t b_seekable; diff --git a/multimedia/vlc08/patches/patch-tta.c b/multimedia/vlc08/patches/patch-tta.c new file mode 100644 index 00000000000..1923c02eb86 --- /dev/null +++ b/multimedia/vlc08/patches/patch-tta.c @@ -0,0 +1,145 @@ +$NetBSD: patch-tta.c,v 1.1 2008/09/12 14:47:39 sborrill Exp $ + +Fix for: +* An integer overflow leading to a heap-based buffer overflow in the +Open() function in modules/demux/tta.c (CVE-2008-3732). + +--- modules/demux/tta.c.orig 2008-07-08 21:59:23.000000000 +0100 ++++ modules/demux/tta.c 2008-09-12 11:16:11.000000000 +0100 +@@ -60,10 +60,10 @@ + es_out_id_t *p_es; + + /* */ +- int i_totalframes; +- int i_currentframe; ++ uint32_t i_totalframes; ++ uint32_t i_currentframe; + uint32_t *pi_seektable; +- int i_datalength; ++ uint32_t i_datalength; + int i_framelength; + + /* */ +@@ -81,10 +81,11 @@ + es_format_t fmt; + uint8_t *p_peek; + uint8_t p_header[22]; +- uint8_t *p_seektable; +- int i_seektable_size = 0, i; ++ uint8_t *p_fullheader; ++ int i_seektable_size = 0; + //char psz_info[4096]; + //module_t *p_id3; ++ uint32_t i; + + if( stream_Peek( p_demux->s, &p_peek, 4 ) < 4 ) + return VLC_EGENERIC; +@@ -94,7 +95,7 @@ + if( !p_demux->b_force ) return VLC_EGENERIC; + + /* User forced */ +- msg_Err( p_demux, "this doesn't look like a flac stream, " ++ msg_Err( p_demux, "this doesn't look like a true-audio stream, " + "continuing anyway" ); + } + +@@ -106,11 +107,22 @@ + p_demux->pf_control = Control; + p_demux->p_sys = p_sys = malloc( sizeof( demux_sys_t ) ); + ++ if( !p_sys ) ++ return VLC_ENOMEM; ++ ++ p_sys->pi_seektable = NULL; ++ + /* Read the metadata */ + es_format_Init( &fmt, AUDIO_ES, VLC_FOURCC( 'T', 'T', 'A', '1' ) ); + fmt.audio.i_channels = GetWLE( &p_header[6] ); + fmt.audio.i_bitspersample = GetWLE( &p_header[8] ); + fmt.audio.i_rate = GetDWLE( &p_header[10] ); ++ if( fmt.audio.i_rate == 0 || /* Avoid divide by 0 */ ++ fmt.audio.i_rate > ( 1 << 20 ) /* Avoid i_framelength overflow */ ) ++ { ++ msg_Warn( p_demux, "Wrong sample rate" ); ++ goto error; ++ } + + p_sys->i_datalength = GetDWLE( &p_header[14] ); + p_sys->i_framelength = TTA_FRAMETIME * fmt.audio.i_rate; +@@ -118,25 +130,36 @@ + p_sys->i_totalframes = p_sys->i_datalength / p_sys->i_framelength + + ((p_sys->i_datalength % p_sys->i_framelength) ? 1 : 0); + p_sys->i_currentframe = 0; ++ if( p_sys->i_totalframes > (1 << 29)) ++ goto error; + + i_seektable_size = sizeof(uint32_t)*p_sys->i_totalframes; +- p_seektable = (uint8_t *)malloc( i_seektable_size ); +- stream_Read( p_demux->s, p_seektable, i_seektable_size ); +- p_sys->pi_seektable = (uint32_t *)malloc(i_seektable_size); + ++ /* Store the header and Seektable for avcodec */ ++ fmt.i_extra = 22 + i_seektable_size + 4; ++ fmt.p_extra = p_fullheader = malloc( fmt.i_extra ); ++ if( !p_fullheader ) ++ goto error; ++ ++ memcpy( p_fullheader, p_header, 22 ); ++ p_fullheader += 22; ++ if( stream_Read( p_demux->s, p_fullheader, i_seektable_size ) ++ != i_seektable_size ) ++ goto error; ++ ++ p_sys->pi_seektable = calloc( p_sys->i_totalframes, sizeof(uint32_t) ); ++ if( !p_sys->pi_seektable ) ++ goto error; + for( i = 0; i < p_sys->i_totalframes; i++ ) +- p_sys->pi_seektable[i] = GetDWLE( &p_seektable[i*4] ); +- +- stream_Read( p_demux->s, NULL, 4 ); /* CRC */ ++ { ++ p_sys->pi_seektable[i] = GetDWLE( p_fullheader ); ++ p_fullheader += 4; ++ } + +- /* Store the header and Seektable for avcodec */ +- fmt.i_extra = 22 + (p_sys->i_totalframes * 4) + 4; +- fmt.p_extra = malloc( fmt.i_extra ); +- memcpy( fmt.p_extra, p_header, 22 ); +- memcpy( fmt.p_extra+22, p_seektable, fmt.i_extra -22 ); ++ stream_Read( p_demux->s, p_fullheader, 4 ); /* CRC */ ++ p_fullheader += 4; + + p_sys->p_es = es_out_Add( p_demux->out, &fmt ); +- free( p_seektable ); + p_sys->i_start = stream_Tell( p_demux->s ); + + #if 0 +@@ -152,6 +175,10 @@ + p_sys->p_meta = vlc_meta_New(); + #endif + return VLC_SUCCESS; ++error: ++ es_format_Clean( &fmt ); ++ Close( p_this ); ++ return VLC_EGENERIC; + } + + /***************************************************************************** +@@ -162,6 +189,7 @@ + demux_t *p_demux = (demux_t*)p_this; + demux_sys_t *p_sys = p_demux->p_sys; + ++ free( p_sys->pi_seektable ); + free( p_sys ); + } + +@@ -221,7 +249,7 @@ + if( i64 > 0 ) + { + int64_t tmp = 0; +- int i; ++ uint32_t i; + for( i=0; i < p_sys->i_totalframes && tmp+p_sys->pi_seektable[i] < i64; i++) + { + tmp += p_sys->pi_seektable[i]; |